Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24302 vulnerabilities in 62 categories.

Critical: 1589 High: 13053 Medium: 8721 Low: 870 Information: 69
Vulnerability Name
CVE
CWE
Severity
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43815)
CVE-2025-43815
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43817)
CVE-2025-43817
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43818)
CVE-2025-43818
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43820)
CVE-2025-43820
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43821)
CVE-2025-43821
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43822)
CVE-2025-43822
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43823)
CVE-2025-43823
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43824)
CVE-2025-43824
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43826)
CVE-2025-43826
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43829)
CVE-2025-43829
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43830)
CVE-2025-43830
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-4388)
CVE-2025-4388
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-4576)
CVE-2025-4576
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-4599)
CVE-2025-4599
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-4604)
CVE-2025-4604
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-62237)
CVE-2025-62237
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-62238)
CVE-2025-62238
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-62239)
CVE-2025-62239
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-62240)
CVE-2025-62240
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-62246)
CVE-2025-62246
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-62248)
CVE-2025-62248
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-62249)
CVE-2025-62249
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-62255)
CVE-2025-62255
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-62263)
CVE-2025-62263
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-62264)
CVE-2025-62264
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-62265)
CVE-2025-62265
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-62267)
CVE-2025-62267
CWE-707
Medium
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-29053)
CVE-2021-29053
CWE-138
High
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42120)
CVE-2022-42120
CWE-138
Critical
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121)
CVE-2022-42121
CWE-138
High
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42122)
CVE-2022-42122
CWE-138
Critical
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945)
CVE-2023-33945
CWE-138
High
Liferay Portal Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2025-62257)
CVE-2025-62257
CWE-307
Medium
Liferay Portal Improper Restriction of XML External Entity Reference Vulnerability (CVE-2024-25606)
CVE-2024-25606
CWE-611
High
Liferay Portal Improper Validation of Specified Quantity in Input Vulnerability (CVE-2025-43793)
CVE-2025-43793
CWE-1284
High
Liferay Portal Incorrect Authorization Vulnerability (CVE-2021-33335)
CVE-2021-33335
CWE-863
High
Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-25149)
CVE-2024-25149
CWE-863
Medium
Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-25604)
CVE-2024-25604
CWE-863
Medium
Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-38002)
CVE-2024-38002
CWE-863
High
Liferay Portal Incorrect Authorization Vulnerability (CVE-2025-3586)
CVE-2025-3586
CWE-863
High
Liferay Portal Incorrect Authorization Vulnerability (CVE-2025-43784)
CVE-2025-43784
CWE-863
Medium
Liferay Portal Incorrect Authorization Vulnerability (CVE-2025-43789)
CVE-2025-43789
CWE-863
Medium
Liferay Portal Incorrect Authorization Vulnerability (CVE-2025-43806)
CVE-2025-43806
CWE-863
Medium
Liferay Portal Incorrect Authorization Vulnerability (CVE-2025-62243)
CVE-2025-62243
CWE-863
Medium
Liferay Portal Incorrect Authorization Vulnerability (CVE-2025-62259)
CVE-2025-62259
CWE-863
Medium
Liferay Portal Incorrect Authorization Vulnerability (CVE-2025-62275)
CVE-2025-62275
CWE-863
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-29052)
CVE-2021-29052
CWE-276
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33324)
CVE-2021-33324
CWE-276
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33327)
CVE-2021-33327
CWE-276
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33333)
CVE-2021-33333
CWE-276
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33334)
CVE-2021-33334
CWE-276
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-38268)
CVE-2021-38268
CWE-276
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-26595)
CVE-2022-26595
CWE-276
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-41414)
CVE-2022-41414
CWE-276
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-42127)
CVE-2022-42127
CWE-276
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-42128)
CVE-2022-42128
CWE-276
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-42130)
CVE-2022-42130
CWE-276
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2024-25605)
CVE-2024-25605
CWE-276
Medium
Liferay Portal Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2025-43808)
CVE-2025-43808
CWE-732
Medium
Liferay Portal Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2025-62251)
CVE-2025-62251
CWE-732
Medium
Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124)
CVE-2022-42124
CWE-1333
High
Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2023-33950)
CVE-2023-33950
CWE-1333
High
Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2025-43764)
CVE-2025-43764
CWE-1333
Medium
Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2023-33949)
CVE-2023-33949
CWE-1188
High
Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2024-25610)
CVE-2024-25610
CWE-1188
Medium
Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2024-26267)
CVE-2024-26267
CWE-1188
Medium
Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2025-43797)
CVE-2025-43797
CWE-1188
Medium
Liferay Portal Insertion of Sensitive Information into Log File Vulnerability (CVE-2025-62262)
CVE-2025-62262
CWE-532
Medium
Liferay Portal Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-43768)
CVE-2025-43768
CWE-201
High
Liferay Portal Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-43814)
CVE-2025-43814
CWE-201
Medium
Liferay Portal Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-43825)
CVE-2025-43825
CWE-201
Medium
Liferay Portal Insufficient Session Expiration Vulnerability (CVE-2021-33322)
CVE-2021-33322
CWE-613
High
Liferay Portal Insufficient Session Expiration Vulnerability (CVE-2025-43819)
CVE-2025-43819
CWE-613
Medium
Liferay Portal Insufficiently Protected Credentials Vulnerability (CVE-2021-29043)
CVE-2021-29043
CWE-522
Medium
Liferay Portal Missing Authorization Vulnerability (CVE-2022-38512)
CVE-2022-38512
CWE-862
Medium